EUVD-2025-27004

Malicious code in bioql PyPI...

Google Android elevation of privilege vulnerability (CNVD-2025-29702)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to an obfuscated agent in the loadDrawableForCookie function in ResourcesImpl.java. An attacker can exploit the vulnerability to elevate privileges...

CVE-2025-26452

In loadDrawableForCookie of ResourcesImpl.java, there is a possible way to access task snapshots of other apps due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-26452

CVE-2025-26452 affects Android Framework via the ResourcesImpl.java: loadDrawableForCookie path, where a confused deputy may allow an app’s task snapshots to be accessed, enabling local elevation of privilege without extra execution privileges or user interaction. Public sources (Android bulletin...

CVE-2025-26452

In loadDrawableForCookie of ResourcesImpl.java, there is a possible way to access task snapshots of other apps due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2025-36022

Name of the Vulnerable Software and Affected Versions: ResourcesImpl.java affected versions not specified Description: The loadDrawableForCookie function in ResourcesImpl.java may allow access to task snapshots of other applications due to a confused deputy condition. This could lead to local...